package com.geek.shiro;

import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

@Configuration
public class ShiroConfiguration {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();

        // Map 的key： 请求的URI
        // Map 的value： 过滤器的名称
        // 过滤器是有序的 → 提供的Map里的键值对也是有序的 → LinkedHashMap
        // URI的书写，可以使用通配符 (1) * (2)**
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        // knife4j 接口文档
        filterChainDefinitionMap.put("/images/**" ,"anon");
        filterChainDefinitionMap.put("/css/**", "anon");
        filterChainDefinitionMap.put("/js/**", "anon");
        filterChainDefinitionMap.put("/doc.html", "anon");
        filterChainDefinitionMap.put("/swagger-resources/**", "anon");
        filterChainDefinitionMap.put("/v2/api-docs", "anon");
        filterChainDefinitionMap.put("/webjars/**", "anon");
        // 微信接口
        filterChainDefinitionMap.put("/wx/auth/*", "anon");
        filterChainDefinitionMap.put("/wx/issue/list", "anon");
        filterChainDefinitionMap.put("/wx/home/index", "anon");
        filterChainDefinitionMap.put("/wx/category/*", "anon");
        filterChainDefinitionMap.put("/wx/goods/*", "anon");
        filterChainDefinitionMap.put("/wx/search/*", "anon");
        filterChainDefinitionMap.put("/wx/storage/*", "anon");
        filterChainDefinitionMap.put("/wx/coupon/*", "anon");
        filterChainDefinitionMap.put("/wx/comment/*", "anon");
        filterChainDefinitionMap.put("/wx/catelog/*", "anon");
        filterChainDefinitionMap.put("/wx/cart/add", "authc");
        filterChainDefinitionMap.put("/wx/cart/fastadd", "authc");
        filterChainDefinitionMap.put("/wx/cart/checkout", "authc");
        filterChainDefinitionMap.put("/wx/cart/index", "authc");
        filterChainDefinitionMap.put("/wx/cart/update", "authc");
        filterChainDefinitionMap.put("/wx/cart/delete", "authc");
        filterChainDefinitionMap.put("/wx/cart/checked", "authc");
        filterChainDefinitionMap.put("/wx/cart/goodscount", "anon");
        filterChainDefinitionMap.put("/wx/order/*", "authc");
        filterChainDefinitionMap.put("/wx/user/*", "authc");
        filterChainDefinitionMap.put("/wx/collect/*", "authc");
        filterChainDefinitionMap.put("/wx/address/*", "authc");


        // 如果没有登录的话，它会重定向 /login.jsp → 要修改重定向的地址
        filterFactoryBean.setLoginUrl("/wx/auth/unAuthc"); // 通过开发handler响应一段JSON字符串

        filterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        filterFactoryBean.setSecurityManager(securityManager);
        return filterFactoryBean;
    }

    // Realm是容器中的组件
    // SecurityManager是容器中的组件
    // ShiroFilter也是容器中的组件
    @Bean
    public DefaultWebSecurityManager securityManager(CustomRealm customRealm, DefaultWebSessionManager sessionManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        // 设置认证器，但是你可以不设置，它会给你提供一个默认的认证器(ModularRealmAuthenticator)
        // securityManager.setAuthenticator();

        // 设置认证器，但是你可以不设置，它会给你提供一个默认的授权器(ModularRealmAuthorizer)
        //securityManager.setAuthorizer();


        // 给默认的认证器和授权器 提供realm
        securityManager.setRealm(customRealm);
        // 给默认的认证器和授权器 提供会话管理器
        securityManager.setSessionManager(sessionManager);
        return securityManager;
    }

    @Bean
    public DefaultWebSessionManager sessionManager() {
        return new CustomSessionManager();
    }

//    @Bean
//    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
//        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
//        advisor.setSecurityManager(securityManager);
//        return advisor;
//    }


}
